I have made a script in C which spawns a shell. Here it is
Code:
#include<stdio.h>
char shellcode[] = "\xeb\x18\x5e\x31\xc0\x88\x46\x09\x89\x76\x0a\x89\x46\x0e\xb0\x0b\x89\xf3\x8d\x4e\x0a\x8d\x56\x0e\xcd\x80\xe8\xe3\xff\xff\xff\x2f\x62\x69\x6e\x2f\x62\x61\x73\x68\x41\x42\x42\x42\x42\x43\x43\x43\x43\x43";
main()
{
int *ret;
ret = (int *)&ret + 2;
(*ret) = (int)shellcode;
}
I have made it as root & set it as suid by
Now i have copied this file to a normal user's location & executed as normal user. So i have expected a root shell for the normal user but i got the bash shell as a normal user.
I dont understand why i am not getting root shell ?
According to the definition of SUID, it is
Quote:
|
If the SUID bit is set for any application then your user ID would be set as that of the owner of application/file rather than the current user, while running that application.
|
So what wrong i am doing ?
My OS info
Code:
Linux bt 3.2.6 #1 SMP Fri Feb 17 10:40:05 EST 2012 i686 GNU/Linux
Thanks
